239 matches found
KVM: s390: pci: fix GAIT table indexing due to double-scaling pointer arithmetic
...
Linux Distros Unpatched Vulnerability : CVE-2026-52968
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: s390: pci: fix GAIT table indexing due to double-scaling pointer arithmetic kvms390pciaifenable, kvms390pciaifdisable, and aenhostforward index the GAIT by...
CVE-2026-53117
In the Linux kernel, the following vulnerability has been resolved: s390/cio: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which can...
CVE-2026-53110
The CVE-2026-53110 entry concerns the Linux kernel s390/s390x BPF JIT: the ABI requires zero-extending unsigned arguments and return values, but the JIT historically performed only sign-extension. The connected Red Hat, Debian/Ubuntu OSV entries and the NVD description confirm the issue and its r...
PT-2026-51862
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the KVM s390 PCI implementation where the GAIT table is indexed using double-scaling pointer arithmetic. The functions kvm s390 pci aif enable, kvm s390 pci aif disabl...
PT-2026-52004
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the s390 BPF JIT Just-In-Time compiler, which is a component that translates BPF bytecode into native machine code for faster execution. The s390x ABI Application Bina...
SUSE SLES16 Security Update : kernel (SUSE-SU-2026:21845-1)
The remote SUSE Linux SLES16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21845-1 advisory. The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-2058:...
CVE-2026-45981
A flaw was found in the Linux kernel, specifically within the s390/cio component. This vulnerability stems from incorrect device lifecycle management during subchannel allocation. This could allow an attacker to trigger use-after-free or double-free conditions, potentially leading to system...
CVE-2026-45981
In the Linux kernel, the following vulnerability has been resolved: s390/cio: Fix device lifecycle handling in cssallocsubchannel cssallocsubchannel calls deviceinitialize before setting up the DMA masks. If dmasetcoherentmask or dmasetmask fails, the error path frees the subchannel structure...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fixed an issue where the HCAPORTS component was unregistered twice. Cleared hcadevcomcomp in the device’s private data after unregistering it during LAG teardown. Otherwise, a slightly delayed second pass through...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: s390/vmem: Split pages when debug pagealloc is enabled. Since commit bb1520d581a3 “s390/mm: Start kernel with DAT enabled”, the kernel crashes early during boot when debug pagealloc is enabled. Symptoms: - Memory initialization:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: s390: Avoid using a global register for the currentstackpointer. The commit 30de14b1884b “s390: The currentstackpointer should not be a function” changed the currentstackpointer to a global register variable, as is common on many...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: s390/cio: A race condition during online processing has been fixed. There is a race condition in the ccwdevicesetonline function, which can cause the online process to fail, leaving the affected device in an inconsistent state. A...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390replaceasce, the index of the new ASCE should also be set to 0. Using th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fixed the issue of invalid dereferencing of indirect CCW data pointers. The issue involved invalid dereferencing of the indirect CCW data pointer in the dasdeckddumpsense function. This caused a kernel panic in certain...
Astra Linux – Vulnerability in Linux, Linux 5.10
A flaw was discovered in the s390 eBPF JIT mechanism within bpfjitinsn in the arch/s390/net/bpfjitcomp.c file of the Linux kernel. In this flaw, a local attacker with special user privileges can bypass the verifier, potentially leading to confidentiality issues...
CVE-2026-31568
A flaw was found in the Linux kernel. This vulnerability, located in the s390/mm component, is due to missing secure storage access fixups for memory donated to the Ultravisor. When secure storage access exceptions occur for such memory, the kernel can enter an unresolvable loop. This can lead to...
CVE-2026-31568
In the Linux kernel, the following vulnerability has been resolved: s390/mm: Add missing secure storage access fixups for donated memory There are special cases where secure storage access exceptions happen in a kernel context for pages that don't have the PGarch1 bit set. That bit is set for...
CVE-2026-31568
Summary: CVE-2026-31568 affects the Linux kernel s390/mm, where donated memory to the Ultravisor lacked PG_arch_1-safe export handling. The root cause is that secure storage access exceptions can occur for such pages, previously mid-flight exporting the page via arch_make_folio_accessible() would...
s390/syscalls: Add spectre boundary for syscall dispatch table
...